<div class="container">
  <h1>query()</h1>
  <p class="signature">public function query(string $sql, ?string $return_type = null): mixed</p>
  <h2>Description</h2>
  <div class="description">
    <p>
      Execute a custom SQL query. This method allows executing custom SQL queries. It takes the SQL query to execute as the first parameter and an optional parameter specifying the type of result to return ('object' or 'array'). It returns the result of the query based on the specified return type.
    </p>
    <p>
      It's important to ensure that the provided SQL query is properly sanitized to prevent SQL injection attacks.
    </p>
  </div>
  <h2>Parameters</h2>
  <table>
    <thead>
      <tr>
        <th>Parameter</th>
        <th>Type</th>
        <th>Description</th>
        <th>Default</th>
        <th>Required</th>
      </tr>
    </thead>
    <tbody>
      <tr>
        <td>sql</td>
        <td>string</td>
        <td>The SQL query to execute.</td>
        <td>N/A</td>
        <td>Yes</td>
      </tr>
      <tr>
        <td>return_type</td>
        <td>string|null</td>
        <td>(optional) The type of result to return ('object' or 'array'). Default is null.</td>
        <td>null</td>
        <td>No</td>
      </tr>
    </tbody>
  </table>
  <h2>Return Value</h2>
  <table>
    <thead>
      <tr>
        <th>Type</th>
        <th>Description</th>
      </tr>
    </thead>
    <tbody>
      <tr>
        <td>mixed</td>
        <td>Returns the result of the query based on the specified return type.</td>
      </tr>
    </tbody>
  </table>
  <h2>Throws</h2>
  <table>
    <thead>
      <tr>
        <th>Exception</th>
        <th>Description</th>
      </tr>
    </thead>
    <tbody>
      <tr>
        <td>RuntimeException</td>
        <td>If the query execution fails.</td>
      </tr>
      <tr>
        <td>InvalidArgumentException</td>
        <td>If the SQL query is potentially vulnerable to SQL injection.</td>
      </tr>
    </tbody>
  </table>
  <h2>Note</h2>
  <div class="note">
    <p>
      It's important to ensure that the provided SQL query is properly sanitized to prevent SQL injection attacks.
    </p>
  </div>
  <h2>Example Usage</h2>
  <p>Below is an example of executing a custom SQL query involving a table join to retrieve information about employees and their corresponding departments:</p>
  <div class="example">
    <pre>$sql = "SELECT e.name AS employee_name, e.position, d.name AS department_name
        FROM employees e
        JOIN departments d ON e.department_id = d.id";
        
$rows = $this->model->query($sql, 'object');</pre>
  </div>
</div>
